Expose to clearnet through Cloudflare argo tunnel

Made a first write up of the expose to clearnet via Cloudflare PR btcpayserver#667

Closes btcpayserver#1147

docs/Deployment/ManualDeployment.md

@@ -115,6 +115,59 @@ Now you can browse your server on port 8080.
 Note that by default, BTCPay Server will use SQLite as backend, while being easier, this is deprecated.
 You should better use a postgresql backend as documented on [Extended Manual Deployment](./ManualDeploymentExtended.md).
 
+## Expose BTCPay Server to clearnet using Cloudflare Argo Tunnel 
+
+This setup uses Cloudflare to create a tunnel to the remote machine running BTCPay Server and expose it securely to clearnet.
+
+### Step 1 Cloudflare setup 
+First, we are going to create the tunnel on Cloudflare.
+You need to create an account on Cloudflare and add their DNS to [your domain](https://www.namecheap.com/support/knowledgebase/article.aspx/9607/2210/how-to-set-up-dns-records-for-your-domain-in-cloudflare-account/), in this example would be YourDomain.com.
+
+### Step 2 Setting up Argo Tunnel
+
+After you've added the DNS and is propagated, you can start the setup of the Argo tunnel. Go to [Zero Trust](https://dash.teams.cloudflare.com/c1cd2ab2129af8897457d6f97c082725/onboarding) option on the left menu, go to "access", then click "tunnels".
+
+![IMG](../img/cloudflarexpose/btcpayexposecloudflare1.jpg)
+
+Once in tunnels, you can create a new one and click the "create tunnel" button. To see docs click [here](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup)
+
+![IMG](../img/cloudflarexpose/btcpayexposecloudflare2.jpg)
+
+Give it a name and on the next screen, "install the connector," click docker.
+
+![IMG](../img/cloudflarexpose/btcpayexposecloudflare3.jpg)
+
+Copy the string after --token, and click the next button at the bottom. You will need to input this token on an ENV variable on BTCPay setup script.
+
+![IMG](../img/cloudflarexpose/btcpayexposecloudflare4.jpg)
+
+On the last screen, you need to route the tunnel using your subdomain btcpay, select your domain from the list and leave the path empty. 
+Then on the service part, select HTTP and then write localhost. You are going to route the subdomain traffic to http:://localhost
+
+![IMG](../img/cloudflarexpose/btcpayexposecloudflare5.jpg)
+
+If you are using other port than 80 for HTTP you can route traffic to http:://localhost:YourPort
+
+This is the setup used in this example:
+
+```
+export BTCPAY_HOST="btcpay.YourDomain.com"
+export NBITCOIN_NETWORK="testnet"
+export BTCPAYGEN_CRYPTO1="btc"
+export BTCPAYGEN_REVERSEPROXY="nginx"
+export BTCPAYGEN_LIGHTNING="clightning"
+export BTCPAYGEN_ADDITIONAL_FRAGMENTS="cloudflared"
+export BTCPAYGEN_EXCLUDE_FRAGMENTS="$BTCPAYGEN_EXCLUDE_FRAGMENTS;nginx-https"
+export CLOUDFLARE_TUNNEL_TOKEN="YourTunnelTokenHere"
+. btcpay-setup.sh -i
+```
+
+See that Nginx reverse proxy is disabled as Cloudflare is acting as the reverse proxy and adds Cloudflare to BTCPAYGEN_ADDITIONAL_FRAGMENTS. Also, add the tunnel token to CLOUDFLARE_TUNNEL_TOKEN.
+
+:::tip
+This solution was created in [Pull Request #667](https://github.com/btcpayserver/btcpayserver-docker/pull/667) for further technical details. 
+:::
+
 ## Testnet Specific Deployments
 
 Follow the instructions for installing Bitcoin, .NET Core, NBXplorer and BTCPayServer above.